Generate SSH Key with Specific Algorithm on Ubuntu

This guide provides a straightforward, step-by-step walkthrough on how to specify a particular encryption algorithm—such as Ed25519 or RSA—when creating your SSH keys using the ssh-keygen tool on Ubuntu Linux. You will learn the correct command flags to use, the differences between the major algorithms, and how to successfully generate and locate your new secure keys.

When generating an SSH key in Ubuntu, the ssh-keygen command-line utility is used. By default, it may generate an RSA key, but you can explicitly define your preferred encryption algorithm using the -t (type) flag.

Step 1: Open the Terminal

Press Ctrl + Alt + T on your keyboard to open the terminal on Ubuntu.

Step 2: Choose Your Encryption Algorithm

The two most common and secure algorithms used today are: * Ed25519: Highly secure, efficient, and offers faster performance. This is the modern standard and is highly recommended. * RSA: Highly compatible with older systems. If you must use RSA, it should be at least 4096 bits for adequate security.

Step 3: Run the SSH Key Generation Command

Option A: Generate an Ed25519 Key (Recommended)

To generate a key using the Ed25519 algorithm, run the following command. Replace the email address with your own for identification purposes:

ssh-keygen -t ed25519 -C "your_email@example.com"

Option B: Generate an RSA Key (With Specific Bit Length)

If you require RSA for compatibility, use the -t rsa flag. You should also use the -b flag to specify a key length of 4096 bits for maximum security:

ssh-keygen -t rsa -b 4096 -C "your_email@example.com"

Step 4: Save the Key and Set a Passphrase

After executing your chosen command, the system will prompt you with the following steps:

1. Enter file in which to save the key: Press Enter to accept the default file location (~/.ssh/id_ed25519 or ~/.ssh/id_rsa).
2. Enter passphrase: Type a secure passphrase to protect your private key. This adds an extra layer of security if someone gains access to your local machine. Press Enter again to confirm the passphrase.

Step 5: Locate Your SSH Keys

Once the process is complete, your public and private keys will be stored in the hidden .ssh directory in your home directory.

• Private Key: ~/.ssh/id_ed25519 (Keep this secret and never share it)
• Public Key: ~/.ssh/id_ed25519.pub (This is the key you copy to remote servers)

You can view your public key using the cat command to copy it for server authorization:

cat ~/.ssh/id_ed25519.pub